Re: [IPv6] sendmsg() for HBH ? Re: Removing extension headers from packets (revisited)
JINMEI Tatuya / 神明達哉 <jinmei@wide.ad.jp> Tue, 05 September 2023 22:14 UTC
Return-Path: <jinmei@wide.ad.jp>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FEDAC151078 for <ipv6@ietfa.amsl.com>; Tue, 5 Sep 2023 15:14:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eJ2mX4CrCvpl for <ipv6@ietfa.amsl.com>; Tue, 5 Sep 2023 15:14:50 -0700 (PDT)
Received: from mail.wide.ad.jp (mail.wide.ad.jp [IPv6:2001:200:0:1::7]) by ietfa.amsl.com (Postfix) with ESMTP id EDA55C1519A8 for <6man@ietf.org>; Tue, 5 Sep 2023 15:14:49 -0700 (PDT)
Received: from mail-qv1-f42.google.com (mail-qv1-f42.google.com [209.85.219.42]) (authenticated (0 bits)) by mail.wide.ad.jp (8.14.1+3.5Wbeta/8.14.1/smtpfeed 1.21) with ESMTP id 385MEdJi002287 (using TLSv1/SSLv3 with cipher AES128-GCM-SHA256 (128 bits) verified OK) for <6man@ietf.org>; Wed, 6 Sep 2023 07:14:41 +0900 (JST)
Received: by mail-qv1-f42.google.com with SMTP id 6a1803df08f44-64914f08c65so18296506d6.1 for <6man@ietf.org>; Tue, 05 Sep 2023 15:14:41 -0700 (PDT)
X-Gm-Message-State: AOJu0YxFWI1/6sTfZGqzz+pPiYo1yB3kxSpL9cHXSh38AjZa+apBTnRn QESa4UhYmybqixxQ1i1d2Sha7reQuHr8+UIbOQ0=
X-Google-Smtp-Source: AGHT+IFbjWvlihjoNUgnih18LHijKUUbWHEAd/1OSTZOkg3MA1a5DM3oLhoJZOMX2S/o4H5wRq9jxr6hlanObaoCazA=
X-Received: by 2002:a0c:e80a:0:b0:62f:fd5d:4ff with SMTP id y10-20020a0ce80a000000b0062ffd5d04ffmr14818196qvn.21.1693952079321; Tue, 05 Sep 2023 15:14:39 -0700 (PDT)
MIME-Version: 1.0
References: <CALx6S36gQBgNAp-Poq3pRupGWUh0iA8M546=S=vUp5cQK_82TQ@mail.gmail.com> <ZN8g05pO83NdLN90@faui48e.informatik.uni-erlangen.de> <CALx6S35RS4uKvaQ9G5R5BdffWKsmdUxR3KuwYqf8xtAKuTtqbw@mail.gmail.com> <bb6b247e51574a66acb46dc5013a3856@huawei.com>
In-Reply-To: <bb6b247e51574a66acb46dc5013a3856@huawei.com>
From: JINMEI Tatuya / 神明達哉 <jinmei@wide.ad.jp>
Date: Tue, 05 Sep 2023 15:14:28 -0700
X-Gmail-Original-Message-ID: <CAJE_bqdMQLNMES=ZgkFO536cGFE-sy7AotzaB=GsQBvTxoECvg@mail.gmail.com>
Message-ID: <CAJE_bqdMQLNMES=ZgkFO536cGFE-sy7AotzaB=GsQBvTxoECvg@mail.gmail.com>
To: "Shihang(Vincent)" <shihang9=40huawei.com@dmarc.ietf.org>
Cc: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org>, Toerless Eckert <tte@cs.fau.de>, 6MAN <6man@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/hIOwYqLlR5l54DjtqUuPj7Zb6uA>
Subject: Re: [IPv6] sendmsg() for HBH ? Re: Removing extension headers from packets (revisited)
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Sep 2023 22:14:54 -0000
> But I am not sure about TCP because the packetization is done by the kernel. If it's about RFC3542, it clarifies that ancillary data can't be used on a TCP socket: It is not possible to use ancillary data to transmit the above options for TCP since there is not a one-to-one mapping between send operations and the TCP segments being transmitted. Instead an application can use setsockopt to specify them as sticky options. When the application uses setsockopt to specify the above options it is expected that TCP will start using the new information when sending segments. However, TCP may or may not use the new information when retransmitting segments that were originally sent when the old sticky options were in effect. As for requiring the privilege, RFC3542 didn't intend to necessarily require it for the general case (it explicitly states so if a special privilege is required for some specific part of API), but it notes that the use of certain HbH options might require it: Finally, we note that use of some Hop-by-Hop options or some Destination options, might require special privilege. That is, normal applications (without special privilege) might be forbidden from setting certain options in outgoing packets, and might never see certain options in received packets. Of course, it's not surprising if an implementation doesn't fully follow what the RFC says. -- jinmei On Mon, Aug 21, 2023 at 12:55 AM Shihang(Vincent) <shihang9=40huawei.com@dmarc.ietf.org> wrote: > > Hi Tom, > > I wonder if the sendmsg() can set the EH header on a per-packet basis, with different extension headers for each packet? My understanding is that it is doable for UDP since the packetization is done at user space. The ancillary data can be associated to each datagram. But I am not sure about TCP because the packetization is done by the kernel. > > > > Thanks, > > Hang > > > > From: ipv6 <ipv6-bounces@ietf.org> On Behalf Of Tom Herbert > Sent: Friday, August 18, 2023 10:14 PM > To: Toerless Eckert <tte@cs.fau.de> > Cc: 6MAN <6man@ietf.org> > Subject: Re: [IPv6] sendmsg() for HBH ? Re: Removing extension headers from packets (revisited) > > > > > > On Fri, Aug 18, 2023, 12:42 AM Toerless Eckert <tte@cs.fau.de> wrote: > > Btw: > > Does anybody here know, what the current state of affairs is re. > OS-level unprivileged host applications using UDP or TCP (OS) sockets to be able > to insert HBH headers vis sendmsg() (particles) ? > > I think to remember that a couple of years back, when i know some > folks looked last, not all the OSs (linux, android, windows, iOS/macos) > did support insertion of extension headers via sendmsg() for > UDP or TCP socket - unless the process had admin privileges. > > > > Hi Toerless, > > > > Yes, admin privileges are need to set EH in Linux. I have patches to fix that and am planning to push them at some point. > > > > > Not too difficult to fix IMHO, but if this problem still exists, > then i think it would help quite a bit if there was an IETF RFC > that clearly stated that HBH headers are meant to be something that > MUST be allowed for user (non-privileged) applications in support > of application-to-network signaling. Otherwise we may be dragged into > ongoing discussion of fear of risk with OS developers. > > And of course, we have to persuade ourselves, that such a statement > would be appropriate - and write such an RFC. > > Of course, this discussion is orthogonal to whether or not we want to > remove HBH headers along the path, but i for once think that any effort > to do cool future stuff with HBH is predicated on first agreeing that we want > OS-level unprivileged applications to unsert them. Otherwise we're just > again building some useless corner solution that will never get widely deployed. > > > > Yes, fortunately OS support doesn't require and standards action. > > > > Tom > > > > > Cheers > Toerless > > On Mon, Aug 14, 2023 at 01:12:40PM -0700, Tom Herbert wrote: > > Hi 6man, > > > > I know this topic of removing extension headers has been brought up > > before, but I think in light of some emerging use cases it might be > > worth revisiting. > > > > draft-herbert-fast and draft-media-hdr-wireless describe host to > > network signaling. Both of these use Hop-by-Hop extension headers > > (draft-media-hdr-wireless currently specifies using UDP options, but > > could be HBH). A common attribute of these is that the information in > > Hop-by-Hop options is only relevant in the local network of the > > source. More specifically, it might only be relevant to the first hop > > router in a provider network to process the options. After processing > > by that router, the Hop-by-Hop option just along for the ride, no > > other nodes in the path care about it and the end node probably > > doesn't care either. > > > > Segment routing has a similar property. Once the final segment is set > > in the Destination Address, the segment routing header contains no > > useful information to downstream nodes. > > > > In both these cases, as long as the destination is in the same domain > > as the sender, we expect things to work. For EH it's a statement of > > practicality because of perceived drop rates on the Internet, for > > segment routing it's inherent in the design for segment routing > > domains. So this raises the question, what happens if a sender sends > > to a destination out of its local domain and still wants services > > applied to packets while they're in the local domain, or what if > > segment routing is used to route a packet to an egress point in the > > segment routing domain that then traverses the Internet. > > > > Could it be acceptable for routers to remove HBH EH or routing header > > EH when a packet exits a limited domain? I realize this is contrary to > > RFC8200 and might be considered an architectural abomination, but on > > the other hand this might be a practical way to improve the > > deployability of extension headers without any material adverse side > > effects (other than packets being dropped which might happen anyway if > > packets with EH escaped the limited domain). > > > > Comments? > > > > Thanks, > > Tom > > > > -------------------------------------------------------------------- > > IETF IPv6 working group mailing list > > ipv6@ietf.org > > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > > -------------------------------------------------------------------- > > -- > --- > tte@cs.fau.de > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > --------------------------------------------------------------------
- [IPv6] Removing extension headers from packets (r… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Vasilenko Eduard
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Michael Richardson
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Bob Hinden
- Re: [IPv6] Removing extension headers from packet… Ole Trøan
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Bob Hinden
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] [EXTERNAL] Re: Removing extension head… Manfredi (US), Albert E
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] [EXTERNAL] Re: Removing extension head… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Michael Richardson
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Mike Simpson
- Re: [IPv6] Removing extension headers from packet… Pascal Thubert (pthubert)
- Re: [IPv6] Removing extension headers from packet… Pascal Thubert (pthubert)
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- [IPv6] sendmsg() for HBH ? Re: Removing extension… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Toerless Eckert
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Pascal Thubert (pthubert)
- Re: [IPv6] Removing extension headers from packet… Michael Richardson
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Joel Halpern
- Re: [IPv6] Removing extension headers from packet… Ole Troan
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Ole Trøan
- Re: [IPv6] Removing extension headers from packet… Brian E Carpenter
- Re: [IPv6] Removing extension headers from packet… Mark Smith
- Re: [IPv6] Removing extension headers from packet… Ole Trøan
- Re: [IPv6] Removing extension headers from packet… Mike Simpson
- Re: [IPv6] Removing extension headers from packet… Tom Herbert
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Shihang(Vincent)
- Re: [IPv6] Removing extension headers from packet… Stewart Bryant
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Tim Chown
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Toerless Eckert
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… Tom Herbert
- Re: [IPv6] sendmsg() for HBH ? Re: Removing exten… JINMEI Tatuya / 神明達哉